API Reference
Safe House
Agents
Traces
Integrity
Checkpoints
Enforcement
Agent Containment
Conscience Values
Unified cards
AIP Webhooks
Auth
- GETGet authenticated user info and linked agents
- DELDelete authenticated user account and unlink agents
- GETCheck if email domain has SSO enabled
- POSTSign up with email + password
- POSTSign in with email + password
- POSTSign out and clear session cookies
- GETCookie-aware whoami
- POSTCLI password login — returns bearer tokens
- POSTCLI token refresh
- POSTExchange a cookie session for raw Supabase tokens
- POSTIssue a challenge for a TOTP factor
- POSTComplete MFA step-up or enrollment
- GETList the current user's TOTP factors
- POSTEnroll a new TOTP factor
- POSTUnenroll a TOTP factor
- POSTRequest a password reset email
- POSTResend email confirmation
- GETEmail-link landing (confirm / recovery / magic link)
- POSTBegin an SSO login flow
- GETIdP callback landing
- POSTBegin passkey enrollment — return WebAuthn creation options
- POSTVerify passkey registration + persist the credential
- POSTBegin passkey sign-in — return WebAuthn assertion options
- POSTVerify passkey assertion and issue a session
- GETList enrolled passkeys
- DELRemove an enrolled passkey
Billing
- POSTCreate Stripe checkout session
- POSTCreate Stripe billing portal session
- GETGet current subscription details
- POSTCancel subscription at period end
- POSTReactivate a subscription scheduled for cancellation
- POSTChange subscription plan
- GETList invoices
- GETGet authenticated user billing summary
- GETGet plan feature flags for authenticated user
- GETGet usage metrics for current user
- GETGet per-agent usage breakdown
- GETGet budget alert settings
- PUTSet budget alert threshold
- GETExport usage data as CSV
- POSTValidate a promo code
- POSTSubmit enterprise contact form
- GETList public pricing plans
- POSTCreate a personal API key
- GETList active API keys
- DELRevoke an API key
- POSTRotate a personal API key
Organizations
- POSTCreate organization
- GETList organizations for authenticated user
- GETGet organization details
- PATCHUpdate organization
- DELDelete organization (owner only)
- GETList organization members
- PATCHUpdate member role (owner only)
- DELRemove member or self-leave
- POSTInvite member to organization
- GETList pending invitations
- DELRevoke a pending invitation
- POSTAccept an organization invitation
- GETList agents in organization
- POSTCreate organization API key
- GETList organization API keys
- DELRevoke organization API key
- POSTRotate an organization API key
- GETGet SSO configuration for organization
- PUTConfigure SAML SSO for organization (owner only)
- DELRemove SSO configuration (owner only)
- POSTTest SSO metadata URL validity
- POSTEnable Safe House for an organization
- GETGet organization alignment template
- PUTSet organization alignment template
- DELDelete organization alignment template
- GETGet organization protection template
- PUTSet organization protection template
- DELDelete organization protection template
- GETGet organization usage
- GETGet organization cost rollup
- GETGet billing summary
- POSTOpen the Stripe Customer Portal
- GETRead the audit log
Teams
- Teams API
- POSTCreate a team
- GETGet team by ID
- PATCHUpdate team
- DELArchive team
- POSTAdd members to team
- DELRemove member from team
- GETGet team roster history
- GETList teams in organization
- GETGet team alignment card
- PUTSet team alignment card
- POSTDerive team card from member cards
- GETGet team card version history
Team Reputation
Webhook Notifications
Licensing
Verification
Reclassification
Reputation
Get the org protection template
curl --request GET \
--url https://api.mnemom.ai/v1/orgs/{org_id}/protection-template \
--header 'Authorization: Bearer <token>'{
"org_id": "<string>",
"template": {
"card_version": "<string>",
"agent_id": "<string>",
"values": {
"declared": [
"<string>"
],
"definitions": {},
"conflicts_with": [
"<string>"
],
"hierarchy": "lexicographic"
},
"autonomy": {
"bounded_actions": [
"<string>"
],
"escalation_triggers": [
{
"condition": "<string>",
"action": "escalate",
"reason": "<string>"
}
],
"forbidden_actions": [
"<string>"
],
"max_autonomous_value": {
"amount": 123,
"currency": "<string>"
}
},
"audit": {
"retention_days": 123,
"queryable": true,
"trace_format": "<string>",
"query_endpoint": "<string>",
"tamper_evidence": "append_only",
"storage": {
"type": "local",
"location": "<string>"
}
},
"card_id": "<string>",
"issued_at": "2023-11-07T05:31:56Z",
"expires_at": "2023-11-07T05:31:56Z",
"principal": {
"type": "human",
"relationship": "delegated_authority",
"identifier": "<string>",
"escalation_contact": "<string>"
},
"conscience": {
"mode": "augment",
"values": [
{
"type": "BOUNDARY",
"content": "<string>",
"id": "<string>",
"severity": "advisory"
}
]
},
"integrity": {
"enforcement_mode": "observe"
},
"capabilities": {},
"enforcement": {
"forbidden_tools": [
{
"pattern": "<string>",
"reason": "<string>",
"severity": "critical"
}
],
"unmapped_tool_action": "allow",
"fail_open": true,
"mode": "off",
"grace_period_hours": 123
},
"extensions": {},
"_composition": {
"canonical_id": "<string>",
"composed_at": "2023-11-07T05:31:56Z",
"scopes_applied": [
{
"scope": "<string>",
"version": 123,
"template_version": 123,
"card_id": "<string>"
}
],
"exemptions_applied": [
"<string>"
],
"source_card_id": "<string>",
"source_policy_id": "<string>"
}
},
"enabled": true
}Organizations
Get organization protection template
Returns the org-level protection (Safe House) template composed into every member agent’s canonical protection card. Any org role may read. See ADR-008 (UC-4).
GET
/
orgs
/
{org_id}
/
protection-template
Get the org protection template
curl --request GET \
--url https://api.mnemom.ai/v1/orgs/{org_id}/protection-template \
--header 'Authorization: Bearer <token>'{
"org_id": "<string>",
"template": {
"card_version": "<string>",
"agent_id": "<string>",
"values": {
"declared": [
"<string>"
],
"definitions": {},
"conflicts_with": [
"<string>"
],
"hierarchy": "lexicographic"
},
"autonomy": {
"bounded_actions": [
"<string>"
],
"escalation_triggers": [
{
"condition": "<string>",
"action": "escalate",
"reason": "<string>"
}
],
"forbidden_actions": [
"<string>"
],
"max_autonomous_value": {
"amount": 123,
"currency": "<string>"
}
},
"audit": {
"retention_days": 123,
"queryable": true,
"trace_format": "<string>",
"query_endpoint": "<string>",
"tamper_evidence": "append_only",
"storage": {
"type": "local",
"location": "<string>"
}
},
"card_id": "<string>",
"issued_at": "2023-11-07T05:31:56Z",
"expires_at": "2023-11-07T05:31:56Z",
"principal": {
"type": "human",
"relationship": "delegated_authority",
"identifier": "<string>",
"escalation_contact": "<string>"
},
"conscience": {
"mode": "augment",
"values": [
{
"type": "BOUNDARY",
"content": "<string>",
"id": "<string>",
"severity": "advisory"
}
]
},
"integrity": {
"enforcement_mode": "observe"
},
"capabilities": {},
"enforcement": {
"forbidden_tools": [
{
"pattern": "<string>",
"reason": "<string>",
"severity": "critical"
}
],
"unmapped_tool_action": "allow",
"fail_open": true,
"mode": "off",
"grace_period_hours": 123
},
"extensions": {},
"_composition": {
"canonical_id": "<string>",
"composed_at": "2023-11-07T05:31:56Z",
"scopes_applied": [
{
"scope": "<string>",
"version": 123,
"template_version": 123,
"card_id": "<string>"
}
],
"exemptions_applied": [
"<string>"
],
"source_card_id": "<string>",
"source_policy_id": "<string>"
}
},
"enabled": true
}Authorizations
BearerAuthApiKeyAuthCookieAuth
Supabase JWT token in Authorization: Bearer header
Path Parameters
Organization identifier (e.g. org-abc12345)
Response
Protection template (YAML or JSON).
⌘I